<?php
	require_once 'init.php';
	if ( $_SERVER["REQUEST_METHOD"] == "POST" )
	{
		$usernc = $util->quotes($_POST["usernc"]);
		$password = $util->quotes($_POST["userpwd"]);
		
		if ($usernc != "" && $password != "") {			
			$user = $adminDB->executeSQL("select id, fdName from ".$util->userdbName().".tbUser where fdLogin='".$usernc."' and fdPassword='".md5($password)."'", $connID);
			if (! $user) {
				echo "<script>alert('用户名或密码输入有误，请重试！');window.location.href='login.php';</script>";
			} else {
				if (isset($_SESSION["unc"])) {
					session_unregister('unc');
				}
				$_SESSION['unc'] = $usernc;
				if (isset($_SESSION["un"])) {
					session_unregister('un');
				}
				$_SESSION['un'] = $user[0]['fdName'];
				@$adminDB->executeSQL("update ".$util->userdbName().".tbUser set fdActive=now() where fdName='".$_SESSION['unc']."'", $connID);
				if (isset($_SESSION['toUrl'])) {
					echo "<script>window.location.href='".$_SESSION['toUrl']."';</script>";					
				} else {
					echo "<script>window.location.href='usercenter.php';</script>";					
				}
			}
		}
	}
?>